Hello, I'm trying to get kerberos working with postgres 8.4 on openSUSE authenticating against AD. I have the server configured and can do a kinit against my account on the server. I have a keytab file produced by the administrators.
$ klist -kt poe3b.keytab Keytab name: FILE:bob.keytab KVNO Timestamp Principal ---- ----------------- -------------------------------------------------------- 1 12/31/69 19:00:00 HTTP/bob.lab2k....@lab2k.net I've added krb_srvname = 'HTTP' to postgresl.conf When I try and log in from psql on a windows workstation that is on the same AD domain, I get an entry in the log file: FATAL: GSSAPI authentication failed for user "jdoe", psql gives me: C:\Program Files\PostgreSQL\8.4\bin>psql -h bob testdb psql: SSPI continuation error: The specified target is unknown or unreachable (80090303) I tried just doing a kinit from linux without any luck, but I'm not sure if that it is really an issue or not. $kinit -V -k -t poe3b.keytab HTTP kinit(v5): Client not found in Kerberos database while getting initial credentials $ kinit -V -k -t poe3b.keytab HTTP/poe3b.lab2k.net kinit(v5): Preauthentication failed while getting initial credentials At this point, I don't know if it is an account issue on the AD server, the keytab file, postgres configuration, psql or something else!!! I did try some linux forums, but no response from there. Any help much appreciated. Thanks.
